H3C 模拟器 pc与防火墙，交换机相连，在pc cmd下用telnet访问交换机和防火墙

架构如图

实现目的

1 在pc端，用telnet访问核心交换机10.20.4.252

2 在pc端，用telnet访问二层交换机10.20.4.253

在此之前，pc_4,pc_5与交换机的配置不进行介绍

新建vlan 10 用于管理所有的交换机

##配置二层交换机的telnet管理ip

[sw-2-1]vlan 10
[sw-2-1-vlan10]int vlan 10
[sw-2-1-Vlan-interface10]ip address 10.20.4.253
[sw-2-1-Vlan-interface10]qu
[sw-2-1]telnet server enable

[sw-2-1]user-interface vty 0 4
[sw-2-1-line-vty0-4]authentication-mode scheme
[sw-2-1-line-vty0-4]qu
[sw-2-1]local-user yhq
[sw-2-1-luser-manage-yhq]password simple 123
[sw-2-1-luser-manage-yhq]service-type telnet
[sw-2-1-luser-manage-yhq]authorization-attribute user-role level-15

##core核心交换机此步骤相同

##telnet 核心交换机//二层交换机
<core-3-1>system-view
System View: return to User View with Ctrl+Z.
[core-3-1]vlan 10
[core-3-1-vlan10]int vlan 10
[core-3-1-Vlan-interface10]dis this
#
interface Vlan-interface10
 ip address 10.20.4.252 255.255.252.0
#
return
[core-3-1-Vlan-interface10]qu
[core-3-1]user-interface vty 0 4
[core-3-1-line-vty0-4]authentication-mode scheme
[core-3-1-line-vty0-4]qu
[core-3-1]local-user yhq
New local user added.
[core-3-1-luser-manage-yhq]password simple 123
[core-3-1-luser-manage-yhq]service-type telnet
[core-3-1-luser-manage-yhq]authorization-attribute user-role level-15
[core-3-1-luser-manage-yhq]qu
[core-3-1]telnet server enable

##核心交换机的端口1修改为路由模式，并配置ip和静态路由

<core-3-1>system-view
System View: return to User View with Ctrl+Z.
[core-3-1]int g1/0/1
[core-3-1-GigabitEthernet1/0/1]dis this
#
interface GigabitEthernet1/0/1
 port link-mode bridge
 port link-type trunk
 port trunk permit vlan 1 200 300
 combo enable fiber
[core-3-1-GigabitEthernet1/0/1]port link-mode route  //配置为路由模式
[core-3-1-GigabitEthernet1/0/1]ip address 1.1.1.1 30
[core-3-1-GigabitEthernet1/0/1]qu
[core-3-1]ip route-static 0.0.0.0 0 1.1.1.2  // 添加路由表，下一条地址为1.1.1.2
[core-3-1]tracert 10.18.4.2          //跟踪
traceroute to 10.18.4.2 (10.18.4.2), 30 hops at most, 40 bytes each packet, press CTRL_C t
[core-3-1]display ip routing-table   //查看路由表
Destinations : 21       Routes : 21
Destination/Mask   Proto   Pre Cost        NextHop         Interface
0.0.0.0/0          Static  60  0           1.1.1.2         GE1/0/1
0.0.0.0/32         Direct  0   0           127.0.0.1       InLoop0

##fw的端口g1/0/1 配置ip，端口模式为route

<fw-1>system-view
System View: return to User View with Ctrl+Z.
[fw-1]int g1/0/1
[fw-1-GigabitEthernet1/0/1]dis this
#
interface GigabitEthernet1/0/1
 port link-mode route
 combo enable copper
 ip address 1.1.1.2 255.255.255.252
#
return
[fw-1]int g1/0/0 //端口g1/0/0配置
[fw-1-GigabitEthernet1/0/0]dis this
#
interface GigabitEthernet1/0/0
 port link-mode route
 combo enable copper
 ip address 10.18.4.250 255.255.252.0
 nat outbound 2001 address-group 1 no-pat description 1
#
return

在pc的cmd窗口添加路由

C:\Users\Administrator>ping 10.20.4.252
正在 Ping 10.20.4.252 具有 32 字节的数据:
请求超时。
请求超时。
C:\Users\Administrator>route print
C:\Users\Administrator>route add 10.20.4.0 mask 255.255.252.0 10.18.4.250
 操作完成!
C:\Users\Administrator>ping 10.20.4.252
正在 Ping 10.20.4.252 具有 32 字节的数据:
来自 10.20.4.252 的回复: 字节=32 时间<1ms TTL=254
来自 10.20.4.252 的回复: 字节=32 时间<1ms TTL=254

##二层sw-2-1添加路由

[sw-2-1]ip route-static 0.0.0.0 0.0.0.0 1.1.1.2
[sw-2-1]ip route-static 0.0.0.0 0.0.0.0 10.20.4.252

由于之前防火墙已经开启了web端口，这里telnet就很容易了

在pc的cmd窗口进行telnet 10.20.4.252

在pc的cmd窗口进行telnet 10.20.4.253

最后3个设备的配置文件

[fw-1]dis current-configuration
#
 version 7.1.064, Alpha 7164
#
 sysname fw-1
#
context Admin id 1
#
 telnet server enable
#
 irf mac-address persistent timer
 irf auto-update enable
 undo irf link-delay
 irf member 1 priority 1
#
nat address-group 1 name 1
 address 10.18.4.250 10.18.4.250
#
 xbar load-single
 password-recovery enable
 lpu-type f-series
#
vlan 1
#
object-group ip address y11
 security-zone Untrust
 0 network subnet 10.19.4.0 255.255.252.0
#
object-group ip address y22
 security-zone Trust
 0 network subnet 10.18.4.0 255.255.252.0
#
interface NULL0
#
interface GigabitEthernet1/0/0
 port link-mode route
 combo enable copper
 ip address 10.18.4.250 255.255.252.0
 nat outbound 2001 address-group 1 no-pat description 1
#
interface GigabitEthernet1/0/1
 port link-mode route
 combo enable copper
 ip address 1.1.1.2 255.255.255.252
#
interface GigabitEthernet1/0/2
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/3
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/4
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/5
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/6
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/7
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/8
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/9
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/10
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/11
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/12
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/13
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/14
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/15
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/16
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/17
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/18
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/19
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/20
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/21
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/22
 port link-mode route
 combo enable copper
#
interface GigabitEthernet1/0/23
 port link-mode route
 combo enable copper
#
object-policy ip manage
 rule 0 pass
#
security-zone name Local
#
security-zone name Trust
 import interface GigabitEthernet1/0/0
#
security-zone name DMZ
#
security-zone name Untrust
 import interface GigabitEthernet1/0/1
#
security-zone name Management
#
zone-pair security source Trust destination Local
 object-policy apply ip manage
#
 scheduler logfile size 16
#
line class aux
 user-role network-operator
#
line class console
 user-role network-admin
#
line class tty
 user-role network-operator
#
line class vty
 user-role network-operator
#
line aux 0
 user-role network-admin
#
line con 0
 authentication-mode scheme
 user-role network-admin
#
line vty 0 4
 authentication-mode scheme
 user-role network-admin
#
line vty 5 63
 user-role network-operator
#
 ip route-static 0.0.0.0 0 10.18.4.2
 ip route-static 10.19.4.0 22 GigabitEthernet1/0/1 1.1.1.1
 ip route-static 10.20.4.0 22 GigabitEthernet1/0/1 1.1.1.1
#
 time-range 1 09:14 to 19:14 daily
#
acl basic 2001
 rule 0 permit source 10.19.4.0 0.0.3.255
#
domain system
#
 aaa session-limit ftp 16
 aaa session-limit telnet 16
 aaa session-limit ssh 16
 domain default enable system
#
role name level-0
 description Predefined level-0 role
#
role name level-1
 description Predefined level-1 role
#
role name level-2
 description Predefined level-2 role
#
role name level-3
 description Predefined level-3 role
#
role name level-4
 description Predefined level-4 role
#
role name level-5
 description Predefined level-5 role
#
role name level-6
 description Predefined level-6 role
#
role name level-7
 description Predefined level-7 role
#
role name level-8
 description Predefined level-8 role
#
role name level-9
 description Predefined level-9 role
#
role name level-10
 description Predefined level-10 role
#
role name level-11
 description Predefined level-11 role
#
role name level-12
 description Predefined level-12 role
#
role name level-13
 description Predefined level-13 role
#
role name level-14
 description Predefined level-14 role
#
user-group system
#
local-user admin class manage
 password hash $h$6$tBhNQJuBUd3La7/h$+JNXdiLJ/VASRtMlo1o2qKKJhsNN36EOm7rtF1AccdjJUS60Q3tQaeqqCGXXiaqusgSawzTVnR5yOrVDq1PJzQ==
 service-type telnet terminal http https
 authorization-attribute user-role level-3
 authorization-attribute user-role network-admin
 authorization-attribute user-role network-operator
#
 ip http enable
 ip https enable
#
security-policy ip
 rule 0 name trust-to-untrust
  action pass
#
return

core-3-1

<core-3-1>dis current-configuration
#
 version 7.1.075, Alpha 7571
#
 sysname core-3-1
#
 clock protocol none
#
 telnet server enable
#
 irf mac-address persistent timer
 irf auto-update enable
 undo irf link-delay
 irf member 1 priority 1
#
 lldp global enable
#
 system-working-mode standard
 xbar load-single
 password-recovery enable
 lpu-type f-series
#
vlan 1
#
vlan 10
#
vlan 200
#
vlan 300
#
 stp global enable
#
interface NULL0
#
interface Vlan-interface10
 ip address 10.20.4.252 255.255.252.0
#
interface Vlan-interface200
 ip address 10.19.4.1 255.255.252.0
#
interface Vlan-interface300
 ip address 192.168.4.1 255.255.252.0
#
interface FortyGigE1/0/53
 port link-mode bridge
#
interface FortyGigE1/0/54
 port link-mode bridge
#
interface GigabitEthernet1/0/1
 port link-mode route
 combo enable fiber
 ip address 1.1.1.1 255.255.255.252
#
interface GigabitEthernet1/0/2
 port link-mode bridge
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 10 200 300
 combo enable fiber
#
interface GigabitEthernet1/0/3
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/4
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/5
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/6
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/7
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/8
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/9
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/10
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/11
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/12
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/13
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/14
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/15
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/16
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/17
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/18
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/19
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/20
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/21
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/22
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/23
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/24
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/25
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/26
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/27
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/28
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/29
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/30
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/31
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/32
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/33
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/34
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/35
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/36
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/37
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/38
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/39
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/40
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/41
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/42
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/43
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/44
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/45
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/46
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/47
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/48
 port link-mode bridge
 combo enable fiber
#
interface M-GigabitEthernet0/0/0
#
interface Ten-GigabitEthernet1/0/49
 port link-mode bridge
 combo enable fiber
#
interface Ten-GigabitEthernet1/0/50
 port link-mode bridge
 combo enable fiber
#
interface Ten-GigabitEthernet1/0/51
 port link-mode bridge
 combo enable fiber
#
interface Ten-GigabitEthernet1/0/52
 port link-mode bridge
 combo enable fiber
#
 scheduler logfile size 16
#
line class aux
 user-role network-operator
#
line class console
 user-role network-admin
#
line class tty
 user-role network-operator
#
line class vty
 user-role network-operator
#
line aux 0
 user-role network-operator
#
line con 0
 user-role network-admin
#
line vty 0 4
 authentication-mode scheme
 user-role network-operator
#
line vty 5 63
 user-role network-operator
#
 ip route-static 0.0.0.0 0 1.1.1.2
 ip route-static 10.20.4.0 22 10.20.4.252
 ip route-static 10.20.4.0 22 1.1.1.2
#
 ntp-service unicast-server 10.20.4.253
#
radius scheme system
 user-name-format without-domain
#
domain name system
#
 domain default enable system
#
role name level-0
 description Predefined level-0 role
#
role name level-1
 description Predefined level-1 role
#
role name level-2
 description Predefined level-2 role
#
role name level-3
 description Predefined level-3 role
#
role name level-4
 description Predefined level-4 role
#
role name level-5
 description Predefined level-5 role
#
role name level-6
 description Predefined level-6 role
#
role name level-7
 description Predefined level-7 role
#
role name level-8
 description Predefined level-8 role
#
role name level-9
 description Predefined level-9 role
#
role name level-10
 description Predefined level-10 role
#
role name level-11
 description Predefined level-11 role
#
role name level-12
 description Predefined level-12 role
#
role name level-13
 description Predefined level-13 role
#
role name level-14
 description Predefined level-14 role
#
user-group system
#
local-user yhq class manage
 password hash $h$6$MyuRhIJeandoymXE$5SKNyQVYMgZZm6cJ6nMtUTz4HMCFAIGTjpTJOkX3l09oAnmS3NjZj2E7h1KGFMVk3XYzRqdsKYKI4bKc1HZmiQ==
 service-type telnet
 authorization-attribute user-role level-15
 authorization-attribute user-role network-operator
#
return

sw-2-1

<sw-2-1>dis current-configuration
#
 version 7.1.075, Alpha 7571
#
 sysname sw-2-1
#
 telnet server enable
#
 irf mac-address persistent timer
 irf auto-update enable
 undo irf link-delay
 irf member 1 priority 1
#
 lldp global enable
#
 system-working-mode standard
 xbar load-single
 password-recovery enable
 lpu-type f-series
#
vlan 1
#
vlan 10
#
vlan 200
#
vlan 300
#
 stp global enable
#
interface NULL0
#
interface Vlan-interface10
 ip address 10.20.4.253 255.255.252.0
#
interface Vlan-interface200
#
interface FortyGigE1/0/53
 port link-mode bridge
#
interface FortyGigE1/0/54
 port link-mode bridge
#
interface GigabitEthernet1/0/1
 port link-mode bridge
 port link-type trunk
 undo port trunk permit vlan 1
 port trunk permit vlan 10 200 300
 combo enable fiber
#
interface GigabitEthernet1/0/2
 port link-mode bridge
 port access vlan 200
 combo enable fiber
#
interface GigabitEthernet1/0/3
 port link-mode bridge
 port access vlan 300
 combo enable fiber
#
interface GigabitEthernet1/0/4
 port link-mode bridge
 port access vlan 200
 combo enable fiber
#
interface GigabitEthernet1/0/5
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/6
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/7
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/8
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/9
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/10
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/11
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/12
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/13
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/14
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/15
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/16
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/17
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/18
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/19
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/20
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/21
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/22
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/23
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/24
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/25
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/26
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/27
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/28
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/29
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/30
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/31
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/32
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/33
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/34
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/35
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/36
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/37
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/38
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/39
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/40
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/41
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/42
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/43
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/44
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/45
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/46
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/47
 port link-mode bridge
 combo enable fiber
#
interface GigabitEthernet1/0/48
 port link-mode bridge
 combo enable fiber
#
interface M-GigabitEthernet0/0/0
#
interface Ten-GigabitEthernet1/0/49
 port link-mode bridge
 combo enable fiber
#
interface Ten-GigabitEthernet1/0/50
 port link-mode bridge
 combo enable fiber
#
interface Ten-GigabitEthernet1/0/51
 port link-mode bridge
 combo enable fiber
#
interface Ten-GigabitEthernet1/0/52
 port link-mode bridge
 combo enable fiber
#
 scheduler logfile size 16
#
line class aux
 user-role network-operator
#
line class console
 user-role network-admin
#
line class tty
 user-role network-operator
#
line class vty
 user-role network-operator
#
line aux 0
 user-role network-operator
#
line con 0
 user-role network-admin
#
line vty 0 4
 authentication-mode scheme
 user-role level-3
 user-role network-operator
 set authentication password hash $h$6$LC3L/BBb1SYECRjg$Yt1smXHJIWusWQRLQiRc37xYCUcOs4hahYotExTAb261NBODmPW/4xruBr8pz7DenOdlDkvpzSofLC5qfv0qkA==
#
line vty 5 63
 user-role network-operator
#
 ip route-static 0.0.0.0 0 1.1.1.2
 ip route-static 0.0.0.0 0 1.1.1.1
 ip route-static 0.0.0.0 0 10.20.4.252
#
 ntp-service refclock-master 2
#
radius scheme system
 user-name-format without-domain
#
domain name system
#
 domain default enable system
#
role name level-0
 description Predefined level-0 role
#
role name level-1
 description Predefined level-1 role
#
role name level-2
 description Predefined level-2 role
#
role name level-3
 description Predefined level-3 role
#
role name level-4
 description Predefined level-4 role
#
role name level-5
 description Predefined level-5 role
#
role name level-6
 description Predefined level-6 role
#
role name level-7
 description Predefined level-7 role
#
role name level-8
 description Predefined level-8 role
#
role name level-9
 description Predefined level-9 role
#
role name level-10
 description Predefined level-10 role
#
role name level-11
 description Predefined level-11 role
#
role name level-12
 description Predefined level-12 role
#
role name level-13
 description Predefined level-13 role
#
role name level-14
 description Predefined level-14 role
#
user-group system
#
local-user yhq class manage
 password hash $h$6$2tMr2Zq84CM2cTGZ$0y06oUKk0a1+YnpPDapjOURe46hUuz0qULjIQMTuMhDBboWPydxqEDtvoprqDrX+wjH7FR5fVIaWvQC9l5yD3Q==
 service-type telnet
 authorization-attribute idle-cut 5
 authorization-attribute user-role level-3
 authorization-attribute user-role level-15
 authorization-attribute user-role network-operator
#
return

在初学使用阶段，如有不正，请提示~~谢谢！！

原文地址：https://www.cnblogs.com/yhq1314/p/11419953.html

时间： 2024-11-08 18:27:37

H3C 模拟器 pc与防火墙，交换机相连，在pc cmd下用telnet访问交换机和防火墙的相关文章

H3C模拟器ping，tel，ssh配置

本周学习了H3C的一些基础配置,比如ping,telnet,ssh的配置,以下是具体配置方法.(PS:需要在物理机的设备管理中添加一块网卡,并把模拟器中设备与主机相连的网卡改为次网卡,物理机配置IP均在次网卡上设置) 本次配置需要一台路由器和一台主机拓扑图如下H3C模拟器ping,tel,ssh配置一,ping配置 (1)进入接口,配置接口ip和网关H3C模拟器ping,tel,ssh配置(2)配置本机IP地址并且验证H3C模拟器ping,tel,ssh配置二,Telnet配置 (1)开启T

H3C模拟器里的F1060防火墙如何开启WEB界面

大家都知道H3C(新华三)旗下有一款设备模拟器,该模拟器可以完全模拟H3C的路由交换和防火墙设备(仅限支持的型号),但是很多新手不知道怎么开启F1060防火墙的web访问.本篇文章将教大家如何开启F1060的WEB访问,同时本文也适用于物理机配置WEB访问. 1 准备工作 1.1 配置基本的拓扑图注意:本篇文章只要配置红色线框内的两台设备,防火墙网口为GE_0/1,HOST桥接虚拟机网卡. 1.2 安装虚拟机并选择正确的网卡提示:网卡要选择正确,推荐系统为windows系统.这里你可以选择直

H3C模拟器

华三云实验室(H3C Cloud Lab,HCL)又称为H3C模拟器,是H3C公司推出的界面图形化的全真网络设备模拟软件.用户可以通过该软件实现H3C公司多种型号设备的虚拟组网.配置.调试.该软件具备友好易用的图形界面,可以模拟路由器.交换机等网络设备的全部功能,用户可以使用它在个人电脑上搭建虚拟的网络环境. H3C模拟器的适用对象包括: 网络技术的学习者: 准备参加H3CNE/H3CSE/H3CTE/H3CIE学习和考试者: 希望熟悉基于H3C公司Comware V7平台的网络设备者: 需要虚

H3C模拟器安装

HCL是H3C目前官方唯一出品的模拟器,整个产品的界面设计和性能比行业的其他H3C模拟器都要强大.华三云实验室(H3C Cloud Lab,简称HCL)是一款界面图形化的全真网络模拟软件,用户可以通过该软件实现H3C公司多个型号的虚拟设备的组网,是用户学习.测试基于H3C公司Comware V7平台的网络设备的必备工具.H3C Cloud Lab安装的需求:CPU:主频不低于1.2GHz,内核数目不低于2核,支持VT-x或AMD-V硬件虚拟技术.内存不低于4GB,硬盘不低于80GB.操作系统不低

使用H3C模拟器配置VLAN

任务组网需求:如下图所示,办公区的主机属于不同的网段 192.168.5.0/24 和192.168.50.0/24,Device C 在收到来自办公区主机的报文时,根据报文的源IP 地址,使来自不同网段主机的报文分别在指定的VLAN中传输.试验拓扑图如下:使用H3C模拟器配置VLAN相关项目2.配置步骤:(1) 配置 Device C配置子网192.168.5.0/24 与VLAN 100 关联.<DeviceC> system-view[DeviceC] vlan 100[DeviceC

集线器,路由器，交换机的作用和区别是什么?如何区分交换机,集线器,路由器?

从外观区分交换机和路由器 1.路由器上有一个WAN口,交换机上只有LAN口 2.从型号上来看,路由器的型号里边有R(router路由器的英文)字母,交换机有S(交换机switcher)字母 3.从机器上的标签来看,路由器的标签上有标示IP地址和账户密码,而交换机没有 4.从机器的电源适配器来看,通常交换机的电压是12V,而路由器是9V 号称网络硬件三剑客的集线器(Hub).交换机(Switch)与路由器(Router)一直都是网络界的活跃分子,但让很多初入网络之门的菜鸟恼火的是,它们三者不仅外观

交换机和路由器有什么区别路由器可以当交换机用吗？

经常看到有网络朋友在问交换机和路由器的区别,其实如果同时使用过交换机和路由器的朋友应该都了解些,对于大家来说,交换机和路由器的使用中最大的区别莫过于路由器内部可实现拨号上网,然后通过共享给多台电脑同时上网,而交换机内部不具有拨号功能,但交换机的作用是将网络信号分流,以实现更多电脑连接共享上网. 介绍到这里可能大家对交换机还不是很了解,这样说吧,我们知道路由器一把有5个端口,其中一个为WAN端口,与宽带线相连接的,其他四个端口是用来连接上网电脑的(无线路由器传输距离有多远),也就是说一个路由器最多

使用H3C模拟器HCL完成基础的IRF实施

步骤1. 确定IRF设备角色,配置设备的IRF优先级和编号[IRF2]irf member 1 renumber 2 //将IRF2(即SW2)的成员编号设置为2,默认为1Renumbering the member ID may result in configuration change or loss. Continue?[Y/N]:y[IRF2]save //切记保存The current configuration will be written to the device. Are

使用H3C模拟器配置DHCP相关项目

试验1:使用DHCP协议自动给PC机分配IP地址.试验拓扑图如下:使用路由器作为DHCP服务器实验配置如下:(1) # 配置接口的 IP 地址.<H3C> system-view[H3C] interface g 0/0[[H3C-GigabitEthernet0/0]] ip address 192.168.1.254 24[[H3C-GigabitEthernet0/0]] quit(2)# 启用 DHCP 服务.[H3C] dhcp enable(3) # 配置不参与自动分配的 IP 地